Skip to main content

Deltav CVE-2012-1818

MEDIUM
Permissions, Privileges, and Access Controls (CWE-264)
2012-06-08 cret@cert.org
6.4
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.4 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:P/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Jun 08, 2012 - 18:55 cve.org
MEDIUM 6.4

DescriptionCVE.org

An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors.

AnalysisAI

An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-264. An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors. Affected products include: Emerson Deltav, Emerson Deltav Proessentials Scientific Graph, Emerson Deltav Workstation.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Deltav

View all
CVE-2018-14795 HIGH
8.8 Aug 21

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an

CVE-2018-14793 HIGH
8.8 Aug 21

DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable to a buffer overflow exploit through an open commun

CVE-2012-1817 HIGH
7.5 Jun 08

Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scien

CVE-2018-14797 HIGH
7.8 Aug 23

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the se

CVE-2018-14791 HIGH
7.8 Aug 23

Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable a

CVE-2012-1815 HIGH
7.5 Jun 08

SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEsse

CVE-2016-9345 MEDIUM
6.8 Feb 13

An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Rated

CVE-2014-2349 MEDIUM
6.2 May 22

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote at

CVE-2012-1816 MEDIUM
5.0 Jun 08

PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientif

CVE-2012-3035 MEDIUM
5.0 Oct 01

Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (da

CVE-2012-1814 MEDIUM
4.3 Jun 08

Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and D

CVE-2014-2350 LOW
2.4 May 22

Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote at

Share

CVE-2012-1818 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy